Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A software compliance assessment apparatus for determining a level of compliance of a software application in execution in a virtualized computing environment, the apparatus comprising: at least one processor and a memory, the memory comprising instructions executable by the at least one processor to control the apparatus to at least: identify resources instantiated for execution of the application; retrieve a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resources, and the compliance characteristic having associated a compliance criterion based on a formal parameter; select a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning at least one of the resources; evaluate the compliance criterion using the actual parameter; and detect a change to one or more of the resources, wherein the identification, selection, and evaluation are operable in response to a determination that one or more resources is changed, wherein the selection is operable to select the software component based on an identification of one or more data items that the software component is operable to provide.
A system assesses if software running in a virtual environment meets compliance rules. It identifies the virtual resources the software uses, retrieves compliance rules linked to those resources, and then checks if the software meets those rules. Each compliance rule has a formal requirement (parameter). The system chooses a software component to provide a value (actual parameter) for that requirement, based on data from the virtual resources. It then evaluates the rule using the actual parameter. If any virtual resources change, the system re-identifies the resources, re-selects the software component, and re-evaluates the compliance rules. The system selects the software component based on what data it can provide.
2. The apparatus of claim 1 wherein the software component is a first software component and the first software component is operable to select a second software component, the second software component providing at least some of the data concerning the at least one of the resources.
This compliance assessment system extends the process described previously by incorporating a hierarchy of software components. Specifically, a first software component is used to then select a second software component. The second software component ultimately provides the data relating to the virtualized resources. This allows the system to chain data acquisition through multiple layers of software, for instance, one component handling API selection and the next extracting raw data.
3. The apparatus of claim 1 wherein the data concerning the at least one of the resources includes at least one of: a measurement of a characteristic of the resource; an indicator of a state of the resource; and indicator of an occurrence of an event associated with the resource.
In the software compliance assessment system described previously, the data used to determine compliance includes various aspects of the virtual resources. This includes direct measurements of resource characteristics (e.g., CPU usage, memory consumption), indicators of the resource's state (e.g., running, stopped, idle), and notifications of events associated with the resource (e.g., a resource being created, deleted, or modified). The system uses this data to evaluate compliance rules.
4. The apparatus of claim 1 wherein the actual parameter is determined based on a transformation of the data concerning the at least one of the resources.
In the software compliance assessment system described previously, the actual parameter used for evaluating compliance is not always a direct measurement, state, or event. It can be a transformed version of that raw data. For example, the system might calculate a moving average of CPU usage or apply a threshold to a memory consumption value before using it to check against a compliance rule. This allows the system to evaluate parameters against combined and adjusted underlying resources.
5. The apparatus of claim 1 wherein the compliance criterion is a first criterion in a set of multiple compliance criteria for the compliance characteristic, each of the multiple compliance criteria being based on a formal parameter, wherein selection is further operable to select one or more additional software components for providing an actual parameter corresponding to a formal parameter for each other criterion in the set of multiple compliance criteria, and wherein evaluation is further operable to evaluate each of the compliance criteria using a corresponding actual parameter to determine the level of compliance.
In the software compliance assessment system described previously, a compliance characteristic may have multiple associated compliance criteria, each with its own formal parameter. The system selects software components to provide actual parameters for *all* these criteria. The system evaluates each criterion individually, using its corresponding actual parameter. Finally, the combined evaluation of all criteria determines the overall level of compliance for the software application.
6. The apparatus of claim 1 wherein the software component provides an identification of one or more data items that the software component is operable to provide in response to a request for such identification.
The software compliance assessment system described previously interacts with software components that can describe their data providing capabilities. Specifically, when the system needs a value, it can request a description of the available data items from the software component. This allows the system to dynamically discover what data a component can provide and select the right component to fulfill a given need.
7. The apparatus of claim 2 wherein the second software component provides an identification of one or more data items that the second software component is operable to provide, and the selection of the second software component is based on the identification provided by the second software component.
This builds upon the compliance assessment system with tiered software components (described in a prior claim). The second software component provides a description of its available data items. The selection of this second component is then based on the data items it advertises that it can provide. This enables dynamic discovery and selection of data sources, ensuring the system can adapt to different environments and requirements.
8. A method of a compliance assessment component for determining a level of compliance of a software application in execution in a virtualized computing environment, the method comprising: identifying resources instantiated for execution of the application; retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resources, and the compliance characteristic having associated a compliance criterion based on a formal parameter; selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning at least one of the resources; evaluating the compliance criterion using the actual parameter; and in response to a determination that one or more resources is changed, repeating at least the identifying, selecting, and evaluating, wherein the selection of the software component is based on an identification of one or more data items that the software component is operable to provide.
A method for assessing software compliance in a virtual environment involves identifying virtual resources, retrieving compliance rules related to those resources, and checking if the software meets them. Each rule has a formal parameter, and a software component is chosen to provide an actual value for it, based on resource data. The rule is evaluated using the actual value. If the resources change, the identifying, selecting, and evaluating steps are repeated. The selection of the software component is based on what data it can provide.
9. The method of claim 8 wherein the software component is a first software component and the first software component is operable to select a second software component, the second software component providing at least some of the data concerning the at least one of the resources.
This compliance assessment method builds upon the description in the previous claim. The method incorporates a first software component which then selects a second software component. The second software component then is the data source for the virtual resources.
10. The method of claim 8 wherein the data concerning the at least one of the resources includes at least one of: a measurement of a characteristic of the resource; an indicator of a state of the resource; and an indicator of an occurrence of an event associated with the resource.
In the software compliance assessment method described previously, the data used to determine compliance includes various aspects of the virtual resources. This includes direct measurements of resource characteristics (e.g., CPU usage, memory consumption), indicators of the resource's state (e.g., running, stopped, idle), and notifications of events associated with the resource (e.g., a resource being created, deleted, or modified). The compliance rules can thus assess measurements, states, and events.
11. The method of claim 8 wherein the actual parameter is determined based on a transformation of the data concerning the at least one of the resources.
In the software compliance assessment method described previously, the actual parameter used for evaluating compliance is not always a direct measurement, state, or event. It can be a transformed version of that raw data. For example, the calculation of a moving average of CPU usage or application of a threshold to a memory consumption value before being used to check against a compliance rule. This ensures assessment is possible when adjustments are needed.
12. The method of claim 8 wherein the compliance criterion is a first criterion in a set of multiple compliance criteria for the compliance characteristic, each of the multiple compliance criteria being based on a formal parameter, wherein the selecting further comprises selecting one or more additional software components for providing an actual parameter corresponding to a formal parameter for each other criterion in the set of multiple compliance criteria, and wherein the evaluating further comprises evaluating each of the compliance criteria using a corresponding actual parameter to determine the level of compliance.
In the software compliance assessment method described previously, a compliance characteristic may have multiple associated compliance criteria, each with its own formal parameter. The method involves selecting software components to provide actual parameters for *all* these criteria. The method also evaluates each criterion individually, using its corresponding actual parameter. Finally, all evaluations are assessed to determine overall compliance.
13. The method of claim 8 wherein the software component provides an identification of one or more data items that the software component is operable to provide in response to a request for such identification.
In the software compliance assessment method described previously, the method interacts with software components that can describe their data providing capabilities. Specifically, when the method needs a value, it can request a description of the available data items from the software component. This allows the method to dynamically discover what data a component can provide and select the right component to fulfill a given need.
14. The method of claim 9 wherein the second software component provides an identification of one or more data items that the second software component is operable to provide, and the selection of the second software component is based on the identification by the second software component.
This builds upon the compliance assessment method with tiered software components (described in a prior claim). The second software component provides a description of its available data items. The selection of this second component is then based on the data items it advertises that it can provide. This enables dynamic discovery and selection of data sources, ensuring the system can adapt to different environments and requirements.
15. A non-transitory computer readable storage medium comprising computer program code to, when loaded into a computer system and executed thereon, cause the computer to perform functionality to determine a level of compliance of a software application in execution in a virtualized computing environment by at least: identifying resources instantiated for execution of the application; retrieving a compliance characteristic for the application, the compliance characteristic being retrieved based on the identified resources, and the compliance characteristic having associated a compliance criterion based on a formal parameter; selecting a software component for providing an actual parameter corresponding to the formal parameter, the actual parameter being based on data concerning at least one of the resources; evaluating the compliance criterion using the actual parameter; and in response to a determination that one or more resources is changed, repeating at least the identifying, selecting, and evaluating, wherein the selection of the software component is based on an identification of one or more data items that the software component is operable to provide.
A computer-readable storage medium contains instructions to determine the level of compliance of software in a virtual environment. The instructions cause the computer to identify virtual resources, retrieve compliance rules linked to those resources, and check if the software meets them. Each rule has a formal parameter, and a software component is chosen to provide an actual value for it, based on resource data. The rule is evaluated using the actual value. If resources change, these steps repeat. The software component selection is based on what data it can provide.
Unknown
October 3, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.